453ab3bb95
This brings us up to date with the latest apache2 cookbook which included a major refactor in 6.0.0 removing all of the definitions and recipe with proper resources. Instead of using the apache2_default_site resource, directly use a template and then enable the config file using the apache2_site resource. This gives us the most flexibility. - Install mod_wsgi as a package on RHEL since there is no built-in resource for it. - Don't set SELinux to permissive on RHEL (I tested this works properly with it set to enforcing). - Remove hack for restarting apache. - Convert web_app to template and subscribe to restarting apache. - Remove resources to restore SELinux contexts since this taken care of by Chef now automatically. - Remove unused references to log_debug in wsgi template - Add missing WSGISocketPrefix to wsgi template - Additional tests for keystone.conf and identity.conf - Remove unused ldap section tests as we no longer have attributes for it - Include additional cookbooks in Berksfile required for CI Depends-On: https://review.opendev.org/702772 Change-Id: I717247217523e89251e4c0bead0c1a0d114ade2a |
||
---|---|---|
.delivery | ||
attributes | ||
recipes | ||
spec | ||
templates/default | ||
.gitignore | ||
.gitreview | ||
.rubocop.yml | ||
.rubocop_todo.yml | ||
.zuul.yaml | ||
Berksfile | ||
CONTRIBUTING.md | ||
LICENSE | ||
README.rst | ||
Rakefile | ||
TESTING.md | ||
metadata.rb |
README.rst
OpenStack Chef Cookbook - identity
Description
This cookbook installs the OpenStack Identity Service Keystone as part of the OpenStack reference deployment Chef for OpenStack. The OpenStack chef-repo contains documentation for using this cookbook in the context of a full OpenStack deployment. Keystone is installed from packages, creating the default user, tenant, and roles. It also registers the identity service and identity endpoint.
https://docs.openstack.org/keystone/latest/
Requirements
- Chef 14 or higher
- ChefDK 3.2.30 for testing (also includes Berkshelf for cookbook dependency resolution)
Platform
- ubuntu
- redhat
- centos
Cookbooks
The following cookbooks are dependencies:
- 'apache2', '~> 8.0'
- 'openstack-common', '>= 18.0.0'
- 'openstackclient'
Attributes
Please see the extensive inline documentation in
attributes/*.rb
for descriptions of all the settable
attributes for this cookbook.
Note that all attributes are in the default['openstack']
"namespace"
The usage of attributes to generate the keystone.conf
is
described in the openstack-common cookbook.
Recipes
openstack-identity::cloud_config
- Manage the cloud config file located at
/root/clouds.yaml
openstack-identity::_credential_tokens
- Helper recipe to manage credential keys
openstack-identity::_fernet_tokens
- Helper recipe to manage fernet tokens
openstack-identity::openrc
- Creates a fully usable openrc file to export the needed environment variables to use the openstack client.
openstack-identity::registration
- Registers the initial keystone endpoint as well as users, tenants and roles needed for the initial configuration utilizing the custom resource provided in the openstackclient cookbook. The recipe is documented in detail with inline comments inside the recipe.
openstack-identity::server-apache
- Installs and configures the OpenStack Identity Service running inside of an apache webserver. The recipe is documented in detail with inline comments inside the recipe.
License and Author
Author | Justin Shepherd (justin.shepherd@rackspace.com) |
Author | Jason Cannavale (jason.cannavale@rackspace.com) |
Author | Ron Pedde (ron.pedde@rackspace.com) |
Author | Joseph Breu (joseph.breu@rackspace.com) |
Author | William Kelly (william.kelly@rackspace.com) |
Author | Darren Birkett (darren.birkett@rackspace.co.uk) |
Author | Evan Callicoat (evan.callicoat@rackspace.com) |
Author | Matt Ray (matt@opscode.com) |
Author | Jay Pipes (jaypipes@att.com) |
Author | John Dewey (jdewey@att.com) |
Author | Sean Gallagher (sean.gallagher@att.com) |
Author | Ionut Artarisi (iartarisi@suse.cz) |
Author | Chen Zhiwei (zhiwchen@cn.ibm.com) |
Author | Eric Zhou (zyouzhou@cn.ibm.com) |
Author | Jan Klare (j.klare@cloudbau.de) |
Author | Christoph Albers (c.albers@x-ion.de) |
Author | Lance Albertson (lance@osuosl.org) |
Copyright | Copyright 2012, Rackspace US, Inc. |
Copyright | Copyright 2012-2013, Opscode, Inc. |
Copyright | Copyright 2012-2013, AT&T Services, Inc. |
Copyright | Copyright 2013-2014, SUSE Linux |
Copyright | GmbH Copyright 2013-2014, IBM, Corp. |
Copyright | Copyright 2016-2019, Oregon State University |
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.